CVE-2025-12690

Summary

Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine through 6.10.19, through 7.3.0, through 7.2.4, through 7.1.10.

Affected Software

VendorProductVersion RangeStatus
ForcepointNGFW Engine0 <= 6.10.19affected
ForcepointNGFW Engine0 <= 7.3.0affected
ForcepointNGFW Engine0 <= 7.2.4affected
ForcepointNGFW Engine0 <= 7.1.10affected

Weaknesses

  • CWE-250: CWE-250 Execution with unnecessary privileges

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References